﻿using Microsoft.Owin;
using Microsoft.Owin.Cors;
using Microsoft.Owin.Security.OAuth;
using Owin;
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Http;
using WebApiVersionControl.OAuth;

namespace WebApiVersionControl.App_Start
{
	public class Startup
	{
        public void Configuration(IAppBuilder app)
        {

            ConfigAuth(app);

            HttpConfiguration config = new HttpConfiguration();
            WebApiConfig.Register(config);
            app.UseCors(CorsOptions.AllowAll);
            app.UseWebApi(config);
        }

        private void ConfigAuth(IAppBuilder app)
        {
            OAuthAuthorizationServerOptions oAuth = new OAuthAuthorizationServerOptions
            {
                AllowInsecureHttp = true,
                //获取 access_token 授权服务请求地址
                TokenEndpointPath = new PathString("/token"),
                //access_token 过期时间
                AccessTokenExpireTimeSpan = TimeSpan.FromMinutes(2),
                //access_token 相关服务
                Provider = new SimpleAuthorizationServerProvider(),
                //access_token 授权服务
                RefreshTokenProvider = new SimpleRefreshTokenProvider()
            };
            app.UseOAuthAuthorizationServer(oAuth);
            app.UseOAuthBearerAuthentication(new OAuthBearerAuthenticationOptions());
        }
    }
}